marcocloud.direct.quickconnect.to

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 203.218.53.46, located in Fanling, Hong Kong and belongs to HKTIMS-AP HKT Limited, HK. The main domain is marcocloud.direct.quickconnect.to.

This is the only time marcocloud.direct.quickconnect.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.218.53.46 203.218.53.46	4760 (HKTIMS-AP...) (HKTIMS-AP HKT Limited)
1	2606:4700::68... 2606:4700::6812:e36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

1 203.218.53.46 (Fanling, Hong Kong)

ASN4760 (HKTIMS-AP HKT Limited, HK)
PTR: pcd263046.netvigator.com

marcocloud.direct.quickconnect.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e36 (United States)

ASN13335 (CLOUDFLARENET, US)

downloads-global.3cx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	3cx.com downloads-global.3cx.com — Cisco Umbrella Rank: 102612	196 KB
1	quickconnect.to marcocloud.direct.quickconnect.to	1 KB
0	3cx.cloud Failed 1139.3cx.cloud Failed
3	3

	Domain	Requested by
1	downloads-global.3cx.com	marcocloud.direct.quickconnect.to
1	marcocloud.direct.quickconnect.to
0	1139.3cx.cloud Failed	downloads-global.3cx.com
3	3

This site contains links to these domains. Also see Links.

Domain
givemeporject.i234.me
github.com

Subject Issuer	Validity	Valid
*.3cx.com SSL.com RSA SSL subCA	`2022-07-26` - `2023-08-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://marcocloud.direct.quickconnect.to/
Frame ID: B347F1C32382FC5027A66879D9BE8F23
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

porject | givemetocode

Page Statistics

3
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

197 kB
Transfer

679 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://givemeporject.i234.me/open-gmt1l-website-tool/index.htm
Title: open gmt1. website tools

Search URL Search Domain Scan URL

URL: https://github.com/givemetocode-net-hk/
Title: github - source code

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response marcocloud.direct.quickconnect.to/	2 KB 1 KB	831ms 228ms	Document text/html	203.218.53.46 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://marcocloud.direct.quickconnect.to/ Protocol HTTP/1.1 Server 203.218.53.46 Fanling, Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS pcd263046.netvigator.com Software nginx / Resource Hash `ef9d76de39b9d6f0c2802bfe218e706c161a54700450255f697d498aa435c09b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 1056 Content-Type text/html Date Thu, 09 Mar 2023 05:58:11 GMT ETag "8ea-5ee2295be41a1" Keep-Alive timeout=20 Last-Modified Wed, 23 Nov 2022 12:39:52 GMT Server nginx Vary Accept-Encoding
GET H2	200	callus.js Show response downloads-global.3cx.com/downloads/livechatandtalk/v1/	677 KB 196 KB	41ms 23ms	Script text/javascript	2606:4700::6812:e36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js Requested by Host: marcocloud.direct.quickconnect.to URL: http://marcocloud.direct.quickconnect.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b67a7c6bca432e31114dd014201001bd5858aaf217e6213c7f7204ce782b82d` Request headers accept-language en-US,en;q=0.9 Referer http://marcocloud.direct.quickconnect.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 09 Mar 2023 05:58:12 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 19 Sep 2022 07:33:19 GMT server cloudflare age 5601 cf-polished origSize=693280 etag W/"b2b71c17facbd81:0" vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 7a5115b8df0c42a9-EWR expires Thu, 09 Mar 2023 09:58:12 GMT
GET		LiveChat478871 1139.3cx.cloud/MyPhone/config/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 1139.3cx.cloud
URL: https://1139.3cx.cloud/MyPhone/config/LiveChat478871

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| callus

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.3cx.com/	1970-01-20 10:12:23	Name: __cf_bm Value: C1VUAjhsk3SxDUnchdYYN8C46zikmKhoieLbtNOF62s-1678341492-0-AbkMIiEZt6GE74DTLCdA0uJV9J4CrUtH7ZNZK5QP117TSx+kQid7okGfpEXDNFg52ucd174/F0/bX9DaKvLMOL0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://marcocloud.direct.quickconnect.to/ Message: Access to fetch at 'https://1139.3cx.cloud/MyPhone/config/LiveChat478871' from origin 'http://marcocloud.direct.quickconnect.to' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://1139.3cx.cloud/MyPhone/config/LiveChat478871 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1139.3cx.cloud
downloads-global.3cx.com
marcocloud.direct.quickconnect.to
1139.3cx.cloud
203.218.53.46
2606:4700::6812:e36
6b67a7c6bca432e31114dd014201001bd5858aaf217e6213c7f7204ce782b82d
ef9d76de39b9d6f0c2802bfe218e706c161a54700450255f697d498aa435c09b

marcocloud.direct.quickconnect.to Open in urlscan Pro 203.218.53.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

33 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

197 kBTransfer

679 kBSize

1 Cookies

2 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

marcocloud.direct.quickconnect.to Open in urlscan Pro
203.218.53.46 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

197 kB
Transfer

679 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions